package com.pactera.demo.config;

import com.pactera.demo.service.UserDetailsServiceImpl;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas30ServiceTicketValidator;
import org.jasig.cas.client.validation.TicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;

import java.util.Arrays;

/**
 * <p>
 *
 * </p>
 *
 * @author chang.zhou
 * @version version
 * @date Created in 2020/3/11 18:43
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    private CasAuthenticationEntryPoint casAuthenticationEntryPoint;
    private CasAuthenticationFilter casAuthenticationFilter;
    private LogoutFilter logoutFilter;
    private SingleSignOutFilter singleSignOutFilter;
    private AuthenticationProvider authenticationProvider;

    public SecurityConfig(CasAuthenticationEntryPoint casAuthenticationEntryPoint,
                          CasAuthenticationFilter casAuthenticationFilter,
                          LogoutFilter logoutFilter,
                          SingleSignOutFilter singleSignOutFilter,
                          AuthenticationProvider authenticationProvider) {
        this.casAuthenticationEntryPoint = casAuthenticationEntryPoint;
        this.casAuthenticationFilter = casAuthenticationFilter;
        this.logoutFilter = logoutFilter;
        this.singleSignOutFilter = singleSignOutFilter;
        this.authenticationProvider = authenticationProvider;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(this.authenticationProvider);
        //super.configure(auth);
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().cors()
                .and()
                .authorizeRequests().antMatchers("/sign-on").authenticated()
                .and().authorizeRequests().antMatchers("/**").permitAll()
                .and().formLogin();
        http.exceptionHandling().authenticationEntryPoint(this.casAuthenticationEntryPoint)
                .and().addFilter(this.casAuthenticationFilter)
                .addFilterBefore(logoutFilter, LogoutFilter.class)
                .addFilterBefore(singleSignOutFilter, CasAuthenticationFilter.class);
        super.configure(http);
    }
}
